CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

909 matches found

Japan Vulnerability Notes•added 2022/12/06 6:8 a.m.•1 views

Contec SolarView Compact vulnerable to cross-site scripting

Overview SolarView Compact provided by Contec Co., Ltd. is PV Measurement System. SolarView Compact contains a cross-site scripting vulnerability CWE-79, CVE-2022-44355 in Check Network Communication Page of the product's web server. As of 2022 December 5, a Proof-of-Concept PoC code exploiting...

6.1CVSS6.3AI score0.00293EPSS

Exploits1References6

CNNVD•added 2022/12/02 12:0 a.m.•3 views

Horner Automation Remote Compact Controller 加密问题漏洞

The Horner Automation Remote Compact Controller Horner Automation RCC is a compact controller from Horner Automation, USA. A vulnerability exists in Horner Automation Remote Compact Controller 972 firmware version 15.40 due to an encryption issue in the configuration file using weak XOR encryptio...

7.5CVSS7.5AI score0.00059EPSS

Exploits0References3

CNNVD•added 2022/12/02 12:0 a.m.•2 views

Horner Automation Remote Compact Controller 安全漏洞

The Horner Automation Remote Compact Controller Horner Automation RCC is a compact controller from Horner Automation, USA. A security vulnerability exists in Horner Automation Remote Compact Controller 972 firmware version 15.40, which originates from the inclusion of global variables on the...

7.5CVSS7.5AI score0.00202EPSS

Exploits0References3

ICS•added 2022/12/01 12:0 a.m.•35 views

Horner Automation Remote Compact Controller

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Horner Automation Equipment: Remote Compact Controller RCC 972 Vulnerabilities: Inadequate Encryption Strength, Use of Hard-coded Cryptographic Key, Excessive Reliance on Global Variables 2. RISK...

9.8CVSS8.9AI score0.00298EPSS

Exploits0References5

CNVD•added 2022/11/30 12:0 a.m.•21 views

Contec SolarView Compact File Upload Vulnerability

Contec SolarView Compact is an application system from Contec Japan. It provides photovoltaic power generation measurement system. A file upload vulnerability exists in Contec SolarView Compact versions 4.0 and 5.0. The vulnerability stems from the application's lack of effective validation of...

9.8CVSS9.7AI score0.02442EPSS

Exploits1References1

OSV•added 2022/11/29 5:15 p.m.•1 views

CVE-2022-44355

SolarView Compact 7.0 is vulnerable to Cross-site Scripting XSS via /networktest.php...

6.1CVSS5.8AI score0.00293EPSS

Exploits1References1

OSV•added 2022/11/29 5:15 p.m.•0 views

CVE-2022-44354

SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file...

9.8CVSS5.8AI score0.02442EPSS

Exploits1References1

NVD•added 2022/11/29 5:15 p.m.•10 views

CVE-2022-44354

SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file...

9.8CVSS0.02442EPSS

Exploits1References1

NVD•added 2022/11/29 5:15 p.m.•9 views

CVE-2022-44355

SolarView Compact 7.0 is vulnerable to Cross-site Scripting XSS via /networktest.php...

6.1CVSS0.00293EPSS

Exploits1References1

Prion•added 2022/11/29 5:15 p.m.•10 views

Cross site scripting

SolarView Compact 7.0 is vulnerable to Cross-site Scripting XSS via /networktest.php...

5.8CVSS6AI score0.00293EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2022/11/29 12:0 a.m.•5 views

CVE-2022-44355

SolarView Compact 7.0 is vulnerable to Cross-site Scripting XSS via /networktest.php...

6.2AI score0.00293EPSS

Exploits1References1

Positive Technologies•added 2022/11/29 12:0 a.m.•2 views

PT-2022-27190 · Unknown · Solarview Compact

Name of the Vulnerable Software and Affected Versions: SolarView Compact versions 4.0 through 5.0 Description: The issue allows for Unrestricted File Upload via a crafted php file. Recommendations: For SolarView Compact versions 4.0 through 5.0, consider restricting the upload of php files to...

9.8CVSS9.3AI score0.02442EPSS

Exploits1References4

CVE•added 2022/11/29 12:0 a.m.•50 views

CVE-2022-44355

SolarView Compact 7.0 is affected by a Cross-site Scripting (XSS) vulnerability in the web server page /network_test.php. The issue (CVE-2022-44355) affects the Check Network Communication page and can lead to arbitrary script execution in a logged-in user’s browser. Root cause: XSS in the web in...

6.1CVSS6AI score0.00293EPSS

Exploits1References1Affected Software1

CVE•added 2022/11/29 12:0 a.m.•56 views

CVE-2022-44354

CVE-2022-44354 affects SolarView Compact 4.0–5.0. The connected documents describe an Unrestricted File Upload vulnerability caused by insufficient validation of uploaded files in these versions, allowing a crafted PHP file to be uploaded. The consequence is high impact (confidentiality, integrit...

9.8CVSS9.1AI score0.02442EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/11/29 12:0 a.m.•12 views

CVE-2022-44354

SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file...

9.4AI score0.02442EPSS

Exploits1References1

Positive Technologies•added 2022/11/29 12:0 a.m.•2 views

PT-2022-27191 · Unknown · Solarview Compact

Name of the Vulnerable Software and Affected Versions: SolarView Compact version 7.0 Description: The issue is related to Cross-site Scripting XSS via the "/network test.php" API endpoint. This allows for potential malicious script injection and execution. No information is provided about the...

6.1CVSS6.2AI score0.00293EPSS

Exploits1References5

CNNVD•added 2022/11/29 12:0 a.m.•2 views

Contec SolarView Compact 代码问题漏洞

9.8CVSS7.5AI score0.02442EPSS

Exploits1References2

CNNVD•added 2022/11/29 12:0 a.m.•2 views

Contec SolarView Compact 跨站脚本漏洞

Contec SolarView Compact is an application system from Contec Japan. It provides a photovoltaic power generation measurement system. A security vulnerability exists in Contec SolarView Compact version 7.0, which originated from a discovery via /networktest.php that contains a cross-site scripting...

6.1CVSS5.5AI score0.00293EPSS

Exploits1References3

Cvelist•added 2022/11/29 12:0 a.m.•12 views

CVE-2022-44355

SolarView Compact 7.0 is vulnerable to Cross-site Scripting XSS via /networktest.php...

6.2AI score0.00293EPSS

Exploits1References1

NVD•added 2022/11/17 4:15 a.m.•13 views

CVE-2022-40881

SolarView Compact 6.00 was discovered to contain a command injection vulnerability via networktest.php...

9.8CVSS0.93672EPSS

Exploits2References1